Appeals Court Asks the Right Questions in NSA Surveillance Case

On Monday, the Second Circuit Court of Appeals in New York held argument in United States v. Hasbajrami, an important case involving surveillance under Section 702 of the FISA Amendments Act. It is only the second time a federal appeals court has been asked to rule on whether the government can collect countless numbers of electronic communications—including those of Americans—and use these communications in criminal investigations, all without a warrant. In a lengthy and engaged argument [.mp3], a three-judge panel of the Second Circuit heard from lawyers for the United States and the defendant Agron Hasbajrami, as well as from ACLU attorney Patrick Toomey representing ACLU and EFF, which filed a joint amicus brief in support of the defendant. As we explained to the court in our amicus brief and at the argument, this surveillance violates Americans' Fourth Amendment rights on a massive scale.

Hasbajrami is a U.S. resident who was arrested at JFK airport in 2011 on his way to Pakistan and charged with providing material support to terrorists. Only after his conviction did the government explain that its case was premised in part on emails between Hasbajrami and an unnamed “Individual #1”—a foreigner associated with terrorist groups—obtained using PRISM, one of the government’s Section 702 programs.

Under Section 702, the government is authorized to warrantlessly intercept private online communications of foreigners located outside the U.S., an authority that the government claims extends to conversations between foreigners and Americans, so long as it doesn’t intentionally target specific Americans.

Much of the argument was spent probing at the legal justification for this “incidental collection” of Americans’ private communications. The government pointed out that the Fourth Amendment does not protect foreigners outside the U.S., so it does not need a warrant to surveil them. Even though Hasbajrami does have Fourth Amendment rights, the government likens its ability to read emails between Individual #1 and him to a traditional wiretap in which someone suspected of bank robbery might be “incidentally overheard” discussing prostitution with others not named in the wiretap order. The problem with this analogy is that a wiretap must be individually and closely supervised by a court to avoid violating the privacy of bystanders, something not required by Section 702.

The government’s analogy also obscures the actual operation and scope of Section 702 and PRISM. Agents do not sit with headphones in a darkened room listening to a wiretap in near real-time. Instead, the majority of the millions of emails, chats, calls, and other private communications collected are placed unread into vast databases, accessible to a number of federal agencies including the FBI. It seems likely that the government came across the emails in question in Hasbajrami long after the fact by searching these databases.

We don’t know for certain whether this search involved a query using Hasbajrami’s name, a practice known as a “backdoor search,” or someone else’s. During the argument, Judge Gerard Lynch pressed the government on this question, noting that its briefing was ambiguous. Judge Lynch pointed out that under the government’s “incidental overhear” argument, assuming the emails were lawfully collected in the first place, “we’ve got the government saying we could do kinda anything we want with that information.” So why, he asked, wouldn’t the government say definitively whether it used a backdoor search in this case so that the court would know whether it needed to rule on its constitutionality? As Patrick Toomey of the ACLU argued, at best, the government’s evasive answers showed the need for more public disclosure of the relevant facts in this case. And, he reminded the judges, recent decisions by the Supreme Court and the Second Circuit itself show that even when the government has an initially valid reason to collect information, its continued retention of that information may still violate the Fourth Amendment.

The court’s questions at oral argument demonstrated not only its close reading of the record but a keen awareness that its decision in Hasbajrami will not be written on a blank slate. It will follow on the heels of United States v. Mohamud, in which the Ninth Circuit upheld a similar use of Section 702 surveillance. That decision was so riddled with flaws that it led Orin Kerr, perhaps the most influential law professor on digital search issues, to write that some parts of its reasoning “border on the incoherent.” The Mohamud court uncritically accepted the government’s justification for incidental collection and, as Judge Lynch noted, it believed that backdoor searches weren’t at issue despite a similarly unclear record. Given the importance of the case, we hope the Second Circuit rules more carefully.

Related Updates

The U.S. government sends a lot of emails. Like any large, modern organization, it wants to “optimize” for “user engagement” using “analytics” and “big data.” In practice, that means tracking the people it communicates with—secretly, thoroughly, and often, insecurely. Granicus is a third-party contractor that builds communication tools to help...

It is not enough for government to pass laws that protect consumers from corporations that harvest and monetize their personal data. It is also necessary for these laws to have bite, to ensure companies do not ignore them. The best way to do so is to empower ordinary consumers to...

EFF is in it for the long run, especially in the important, hard fights for your rights. One of the longest running fights in online civil liberties is over your right to have a private conversation over a digital network. Whether it’s for our intimate relationships, our healthcare, our associations...

Throughout 2018, new surveillance practices continued to erode the privacy of people in Latin America. Yet local and regional digital rights organizations continue to push back with strategic litigation, journalists and security researchers investigate to shed light on government use of malware, and local activists work tirelessly to fight overarching...

To the extent that 260-page regulations can ever be said to be “famous,” Europe’s General Data Protection Regulation (GDPR) certainly had its moment in limelight in 2018. When it came into force on May 25, it was heralded by a flurry of emails from tech companies, desperate to re-establish their...

States are often the “laboratories of democracy,” to borrow a phrase from U.S. Supreme Court Justice Louis Brandeis. They lead the way to react quickly to technological advances, establish important rights, and sometimes pass laws that serve as a template for others across the country. This year, EFF worked—and fought—alongside...

In 2018, we learned that expanded biometric surveillance is coming to an airport near you. This includes face recognition, iris scans, and fingerprints. And government agencies aren’t saying anything about how they will protect this highly sensitive information. This fall, the Transportation Security Administration (TSA) published their Biometrics...

In an era where political and corporate leaders are attacking the free press as “the enemy of the people,” it’s crucial that we recognize the truth: journalists every day are uncovering stories that protect our rights and hold those in power accountable. Meanwhile, as the media landscape shrinks, non-profits are...